As you may be aware, over the last couple of days the Tiebreak service has been down. This has been the longest period of downtime in it’s 7+ year history. The past couple of days have been very frustrating, so I thought I’d explain what happened here.
On Thursday afternoon my host detected that the server Tiebreak is hosted on was the source of a DDoS attack. They immediately disabled all networking to and from the server which is why the service stopped working.
Most importantly, I’d like to reassure all users that no sensitive data has been lost during this attack. Firstly, payment data such as card information is never seen by the Tiebreak server and is handled directly by my payment partner Stripe. Secondly, any other sensitive information is encrypted before being stored. And finally, there is no indication that the attackers gained access to any data, and due to the quick work of my host, the server was locked down super fast.
Next, however, came the long process of recovering the data from the server that even I no longer had access to. Tiebreak is backed up on a weekly basis, and luckily the most recent backup available was from the day before, however ideally I wanted to restore the most up to date version of the site so there was not even 1 day’s worth of data loss.
As of this morning everything has now been recovered and is back online, and everything should be up to date as it was the second it went down.
Events like this, however big or small, are a learning process. I also believe there is good to come out of all situations. The events of the last couple of days have forced a server upgrade that I’d planned to do but hadn’t got around to yet. It’s also made me think seriously about a lot of other upgrades behind the scenes to help prevent situations like this occurring again – and lessening the impact when they do.
Finally, I’d like to apologise for the downtime over the last couple of days. I’m going to be spending the next day or two reviewing everything to ensure everything’s back working as it should be, but as of now everything looks to be back online again 🙂